Good article by WhatsApp on why content “traceability” is so hard. faq.whatsapp.com/general/securi…
The post makes this point informally, but it really seems like there’s an impossibility result in this problem: it’s impossible to have privacy and traceability at the same time without some very specific requirements.
There’s this idea that you can have content sent among small groups where there’s privacy of who is forwarding what, but when a piece of content goes “viral” suddenly we can trace the content back to its originator.
But “going viral” isn’t a cryptographically meaningful event. Anyone who intercepts a piece of content can cause it to “go viral”, or simulate that. This is like saying there’s a piece of information in a file, but you can’t see it unless you make lots and lots of copies.
So in other words: everyone who receives a “forward” in a traceable system has to be able to trace it back to its originator. There’s no way to do traceability just for viral content.
The only exception I can see to this is the following. Maybe you can can’t trace originators, but perhaps you can trace major “fan out” events: situations where a single sender transmits copies of the same file to many, many people.
The idea would be to secret-share the sender’s identity across all of those copies. This would be arranged so your identity would be recoverable only with many shares: so only people who sent thousands of copies could ever be traced.
But this would not take you to the originator: it would only find major amplifiers. And in a system with lots of viral forwarding I’m not even sure how well that would survive. It would be pretty trivial to evade and would mostly find people way down in the transmission chain.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
